package com.ming.stringstudy.feedbacksystem.Config;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.web.SecurityFilterChain;

@Configuration
@EnableWebSecurity
public class SecurityConfig{
    @Bean
    protected SecurityFilterChain securityFilterChain (HttpSecurity http) throws Exception {
//        http
//                // 关闭 CSRF 保护（根据需要）
//                .csrf().disable()
//                // 授权请求
//                .authorizeRequests()
//                // 允许所有请求
//                .anyRequest().permitAll();
        // 关闭 CSRF 保护（根据需要）
        http.csrf(csrf -> csrf.disable())
                .authorizeHttpRequests(authz ->
                        authz.anyRequest().permitAll()// 允许所有请求
                );

        return http.build();
    }

}